by Joe Lima
Feedback
|
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days):
54684/
145
|
|
|
Unsightly File Extensions |
Displaying file extensions like .asp or .aspx in a site is a clear indication that you are running a Microsoft server and, in general, hiding file extensions is a good practice to mask the technology generating dynamic pages. You can change your application mappings (.asp becomes .htm or .foo, etc.), but such one-to-one mapping can make mixing server-side technologies painful and does nothing to alleviate headaches during site migrations. Doing without file extensions altogether is an even better idea, not only for security but also for ease-of-migration and content negotiation. Apache people will want to take a look at mod_negotiation. Watch out, though, for the Content-Location header in the server's response, which can give away the file extension that is not shown in the URL. You might have to suppress this header separately using mod_headers. In a similar vein, Port80 is working on a solution to allow file extension hiding in IIS. |
|
|
User Comments
No comments posted yet.
|
Product Spotlight
|
|